JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.42.116.104

192.42.116.104 was found in our database!

This IP was reported 434 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	TOR EXIT AND MORE
Usage Type	Data Center/Web Hosting/Transit
ASN	AS215125
Domain Name	cyberology.nl
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.42.116.104

Whois 192.42.116.104

IP Abuse Reports for 192.42.116.104:

This IP address has been reported a total of 434 times from 217 distinct sources. 192.42.116.104 was first reported on March 31st 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇬 pa4080	2026-06-21 10:55:32 (7 hours ago)	Detected by ModSecurity. Request URI: /index.php?s=/index/think%5Capp/invokeMethod&method[0]=think%5 ... show more Detected by ModSecurity. Request URI: /index.php?s=/index/think%5Capp/invokeMethod&method[0]=think%5Cview%5Cdriver%5CPhp&method[1]=display&vars[0]=%3C?php%20echo%20md5(%27a3233a3800f8cba9dd419d1997d27412%27); show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-21 01:43:36 (16 hours ago)	(y4) Failed scan -byebye- from 192.42.116.104 (-): (CF_ENABLE)	Hacking
🇬🇧 SilverZippo	2026-06-21 00:33:51 (17 hours ago)	Web App Attack	Web App Attack
Anonymous	2026-06-20 22:59:21 (18 hours ago)	192.42.116.104 - - [20/Jun/2026:19:59:20 -0300] "GET /?parent_id=0&post_id=92&name=%F0%9F%92%B3+Top+ ... show more 192.42.116.104 - - [20/Jun/2026:19:59:20 -0300] "GET /?parent_id=0&post_id=92&name=%F0%9F%92%B3+Top+Up+236%2C538+%24.+GET+-%3E+graph.org%2FBALANCE-3682444-USD-04-21-2%3Fhs%3D48f4d8be97d737cdeb676944b754d587%26+%F0%9F%92%B3&email=ibfzd6skhmkoaw%40web-library.net&comment=679s60 HTTP/2.0" 200 320092 "https://www.guiadovarejo.com.br?parent_id=0&post_id=92&name=%F0%9F%92%B3+Top+Up+236%2C538+%24.+GET+-%3E+graph.org%2FBALANCE-3682444-USD-04-21-2%3Fhs%3D48f4d8be97d737cdeb676944b754d587%26+%F0%9F%92%B3&email=ibfzd6skhmkoaw%40web-library.net&comment=679s60" "Mozilla/5.0 (Linux; Android 5.1.1; Redmi 3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Mobile Safari/537.36" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host
🇩🇪 conseilgouz	2026-06-20 22:40:51 (19 hours ago)	avw-Joomla User : try to access forms...	Hacking
🇮🇹 marmila	2026-06-20 20:24:56 (21 hours ago)	SSH brute-force against Cowrie honeypot	Brute-Force SSH
🇵🇱 MatStef132	2026-06-20 10:24:47 (1 day ago)	MatShield L7: blocked on dzielnicarp.eu (suspicious behaviour)	DDoS Attack
🇮🇹 Inartis	2026-06-20 01:51:22 (1 day ago)	192.42.116.104 - - [20/Jun/2026:03:51:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5183 "-" "Mozilla/5. ... show more 192.42.116.104 - - [20/Jun/2026:03:51:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5183 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 192.42.116.104 - - [20/Jun/2026:03:51:21 +0200] "POST /xmlrpc.php HTTP/1.1" 403 413 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 192.42.116.104 - - [20/Jun/2026:03:51:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 413 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 pixiekat	2026-06-20 00:10:05 (1 day ago)	[Sat Jun 20 00:10:03.506921 2026] [authz_core:error] [pid 217922:tid 217945] [client 192.42.116.104: ... show more [Sat Jun 20 00:10:03.506921 2026] [authz_core:error] [pid 217922:tid 217945] [client 192.42.116.104:43411] AH01630: client denied by server configuration: /var/www/html/.env~ [Sat Jun 20 00:10:03.859768 2026] [authz_core:error] [pid 217922:tid 217951] [client 192.42.116.104:43411] AH01630: client denied by server configuration: /var/www/html/.env.sample.php [Sat Jun 20 00:10:04.109612 2026] [authz_core:error] [pid 217922:tid 217963] [client 192.42.116.104:43411] AH01630: client denied by server configuration: /var/www/html/.env.local.php [Sat Jun 20 00:10:04.666653 2026] [authz_core:error] [pid 217922:tid 217964] [client 192.42.116.104:43411] AH01630: client denied by server configuration: /var/www/html/sendgrid [Sat Jun 20 00:10:04.831524 2026] [authz_core:error] [pid 217922:tid 217955] [client 192.42.116.104:43411] AH01630: client denied by server configuration: /var/www/html/.env.php-bak ... show less	Brute-Force
🇩🇪 tentwentyfour	2026-06-19 19:19:36 (1 day ago)	Blocked for brute-forcing WordPress log-in	Brute-Force Web App Attack
🇩🇪 NewGastroline	2026-06-19 15:49:18 (2 days ago)	Malicious request blocked by CrowdSec on gastro-prod1.boreus.de	Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2026-06-19 11:33:29 (2 days ago)	(From [email protected]) uxrwbi	Phishing Web Spam
🇯🇵 demonsword	2026-06-19 09:56:46 (2 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: d3azdm1q0gvo54.cloudfront.net:80 show less	Open Proxy Port Scan
🇺🇸 nowyouknow	2026-06-17 18:38:48 (3 days ago)	(From [email protected]) jzqivz	Phishing Web Spam
🇫🇮 as211431.net	2026-06-17 16:27:57 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.DS_Store UA: Go-http-client/1.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 434 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e88:7001

🇹🇼 211.75.252.252

🇹🇼 198.235.24.83

🇺🇸 43.166.136.153

🇮🇹 185.124.182.122

🇺🇸 173.194.94.152

🇳🇱 45.148.10.147

🇷🇺 45.91.64.6

🇻🇳 36.50.135.229

🇳🇱 204.76.203.36

🇦🇷 181.88.244.249

🇳🇱 176.65.139.181

🇺🇸 165.154.172.244

🇺🇸 147.182.202.179

🇺🇸 134.209.67.172

🇰🇷 125.249.72.194

🇷🇺 109.252.131.43

🇺🇸 104.23.187.145

🇩🇪 69.5.169.119

🇨🇳 36.111.40.138